How can bots help proactively build privacy and consumer trust in online services?

Is data privacy falling by the wayside in the rush to digitize online services? When users interact with social media, chat apps, online retailers, financial services and more, how personal data is used is a source of increasing concern for consumers.

A MEF study published in 2016 revealed that 36 per cent of consumers are put off from downloading and using more mobile apps and services due to privacy and security concerns whilst 52 per cent have deleted apps that worried them.

The network operator is looking for concepts for the technical implementation of a privacy bot, i.e., a smart, digital data-privacy helper, and the winner of the competition will receive 10,000 euros. Deutsche Telekom also plans to shepherd the winning concept into practice.

MEF Minute caught up with Claus-Dieter Ulmer, Global Data Privacy Officer at Deutsche Telekom to discuss how bots can bridge the privacy gap for consumers.

Everything that can be connected will be connected

Nearly all new products and offered services have at least a digital component that shall enhance the user experience. When you have a look at communicating toothbrushes or interacting cars you will see that the Internet of Things is already

On the one hand this might lead to more usability of the products and services. But on the other hand it also leads to more data, more data flow, more data exchange and more data analytics. This makes the user feel that he is losing control over his personal data.

What are the general trends in growth?

On the side of the businesses we still see a strong growth in cloud computing models and data analytics. Cloud Computing stands for more efficiency. Data Analytics gives the companies the opportunity to better understand their own processes and – of cause – their customers.

This leads to the trends in the consumer area. Data collecting via social networks and digital products and services is still an unbroken trend. And certainly not to forget the Internet of Things

My personal opinion is that users are still not aware of what is happening “behind the screen”.

How have models changed for monetising online products and services?

Not that much – but they became more sophisticated. There are still two main objectives. In most cases, they apply both to a product and to a service. If a product or service delivers high usability and value add for the user it can monetize by payment for the product itself or parts of the product.

An example for that are the in-app buys you can make in gaming apps or the premium versions of social network offers.

Another monetization approach is the analysis of the customer data and selling the results to other companies or using it to offer for example consumer targeted advertising. Examples for that are search engines that collect user information and analyse it to present the right adds to the right people at the right time.

Tracking solutions are following the same principles. Some companies might even sell the data of their user to other companies.

My personal opinion is that users are still not aware of what is happening “behind the screen”.

It is hard for a human being sitting in his living room at his computer to verify that what he sees is only the smallest part of what is going on with his data. And – as long as we as an individual will not able to install “data monitoring tools” – none of us will ever be able to know what really happens to the information you enter into your keyboard.

This is a matter of trust.

Are companies doing enough to help consumers understand how their online privacy is protected?

Yes and no. Most companies are certainly compliant with the applicable data protection regulation. But that is not enough. In most cases the Privacy Policies – as an example – are far too long and too legal in their wording to be understood by the average user. We have to take additional effort to take the customer with us.

Deutsche Telekom has launched the so called “Privacy One Pager” last year that comprises the relevant information for the customer on one page. This is accepted very well meanwhile. Together with others we are also working on the design of easy to understand icons that will give the user a general guidance of what is going on. In addition icons will give us the opportunity to connect the digital and the analogue world. Like the CCTV-icon they might give you information what kind of data processing in a specific retail store takes place, like indoor tracking.

Shibboleths like “back to analogue” should be a wake-up call for companies to care more for their customers.

Do current transparency arrangements go far enough?

No. Transparency is the number one to do for companies these days. Only if the customer is aware what is going on he will let it happen.

Sounds contradicting – but isn’t. We remarked that if customers know what is going on and if they have the chance to opt out at any time they prefer to wait and see what will happen before they stop it.

On the other hand they tend more to prohibit things when it is unclear what is going on. Uncertainty raises concerns.

Beyond compliance with regulation like GDPR how should companies approach privacy of consumer data?

Turn to the customer as a partner. Build trust wherever you can. Invest in this. Support his digital sovereignty.

As we know from studies they made in the US, the user starts refraining from using internet services because the fear a misuse of their data. If this trend keeps growing it will endanger our digital business models. Shibboleths like “back to analogue” should be a wake-up call for companies to care more for their customers.

How can consumers take more control of their privacy?

Nowadays it is very hard to keep control because the manifold interconnectedness cannot really be transparent for us. And transparency is one of the main preconditions for gaining control.

I can also not say that even those guys who have “nothing to hide” don’t have anything to worry about. Today there is no longer real uncritical information because you never know which data are matched with what other data and what conclusions the algorithms will draw out of it.

How can bots help with consumer control?

Bots – depending on the level of sophistication – can at least help us to get more transparency about what is happening with our data in the services and products we use.

In many cases, for example when we book a trip to somewhere, we are facing delivery chains (airplane, hotel, taxi, restaurant). Even more when these trips will be booked by digital assistants. In this case a Privacy Bot on a first level shall help to make the policies and privacy requirements transparent to me and give me the chance to change the provider if I do not agree.

On a next level a Privacy Bot should be able to negotiate my Privacy requirements with the providers and give me a message if they do not agree (my requirements are for example: airline can keep the data for further bookings and direct marketing measures, hotel only for booking purposes, taxi only needs to know that I am good for payments – the same for the restaurant).

A privacy bot can be a measure to create a kind of a level playing field between the technological advantaged companies and the consumer.

I hope very much that we will get some good ideas out of our competition.

Claus-Dieter Ulmer

Global Data Privacy Officer, Deutsche Telekom

The competition kicks off on European Data Protection Day on January 28, 2017 and runs until April 30, 2017. The objective is to find concepts for technically implementing a privacy bot, in other words an intelligent, digital data privacy assistant and the winners will be chosen by a panel of judges comprising data privacy and innovation experts from Deutsche Telekom and members of the Company’s Data Privacy Advisory Council.

The competition is open to everyone. Concepts may be submitted in either English or German to privacy-bot@telekom.de. The runner-up will receive 2,500 euros, and the second runner-up 1,000 euros. The rights for the concepts will remain with the developers.